1. Field of the Invention
The present invention relates to a technique whereby a software provider, for example, restricts the use of software, including computer application programs and digital data.
2. Background of the Invention
As the use of personal computers has spread, businesses for providing software, such as computer application programs (hereinafter referred to as programs) and digital data (hereinafter referred to as data), have become increasingly popular. Because of recent improvements in the processing capabilities of portable information terminals, including cellular phones, and of processors, such as CPUs and MPUs for IC cards, software executed by such devices has been, and continues to be, rapidly developed, and it is predicted that the popularity of software businesses will continue to rise.
In this situation, techniques are in demand whereby software providers, for example, can place restrictions on the use of their software. Especially, techniques restricting the combined use of software are required, because while software providers may authorize the combined use of one of their software and some types of software, they may not authorize the combined use of the same one and other types of software.
As a relevant conventional technique, tamper-proof IC cards are employed as software use platforms to increase the reliability of authorized software use.
For example, according to Japanese Patent Laid-Open Publication No. Hei 10-20958, to increase software use reliability, a software provider provides software using a form or a method that, while not impeding the authorized use of the software, ensures it can be operated only when a specific software use platform, such as an IC card, is used, and a software user employs the software by using the specific software use platform.
As another relevant conventional technique, a digital signature is appended to software when it is distributed, and a software use platform, upon receiving the software, must confirm the trustworthiness of the software by verifying the appended digital signature. A specific example of this is the technique Microsoft Corp. uses for the distribution of ActiveX controls.
According to this type of conventional technique, a software distributor appends a digital signature to software that is to be distributed. And a software use platform, upon receiving the software, identifies the software distributor based on the digital signature and uses the distributed software only if the specified software distributor is trustworthy. In this manner, application limits can be imposed on the use of the software.
As an additional conventional technique, a step that permits one software to verify the reliability of another is included to inhibit the unauthorized combined use of software.
For example, disclosed in Japanese Patent Laid-Open Publication No. Hei 9-231068 is a technique whereby software A verifies the reliability of software B, via a software use platform P, while the software B verifies the reliability of software A, via the same platform P, and only when the trustworthiness of both software A and software B has been verified, the combined use of software A and B is permitted.
According to another conventional technique, such as the one disclosed in Japanese Patent Laid-Open Publication No. Hei 10-20958, a software provider can limit the use of the software it supplies to a specific platform. However, in this case, the software provider can not impose a restriction such that use of the software with specified programs is permitted while use with others is inhibited. This is true because when means for confirming the trustworthiness of a software use platform is provided, according to the technique, no means is included that permits software to individually confirm, for combined use, the trustworthiness of other programs.
A conventional technique such as the ActiveX distribution technique can not limit the combined use of software that can be used with specific software. Furthermore, from the viewpoint of a software user, the use of software can be limited, but it can not be limited from the viewpoint of the software provider, i.e., the software provider can not inhibit the use of software on an unauthorized software use platform. This is because the technique does not include means by which the software provider can confirm the trustworthiness of the software use platform.
Further, according to a conventional technique such as is disclosed in Japanese Patent Laid-Open Publication No. Hei 9-231068, although a restriction can be imposed on software to be combined and used with other, specified software, when a software use platform is not authenticated, the illegal combined use of software A and B can not be prevented. This occurs because since the technique employs the software use platform to confirm the trustworthiness of software, the software use platform may intentionally skip the confirmation of a trustworthy process, or alter the results obtained by such a process.
To resolve these shortcomings, the objective of the present invention is to provide a technique whereby, when a plurality of programs are to be combined and used, the use of individual programs can be restricted, relative to each of the others, without being affected by the trustworthiness of a platform or without the trustworthiness of the platform being confirmed.